diff --git a/app/controllers/platforms/repositories_controller.rb b/app/controllers/platforms/repositories_controller.rb index faf5b707b..ec80cfd5e 100644 --- a/app/controllers/platforms/repositories_controller.rb +++ b/app/controllers/platforms/repositories_controller.rb @@ -7,8 +7,8 @@ class Platforms::RepositoriesController < Platforms::BaseController before_action :authenticate_user! skip_before_action :authenticate_user!, only: [:index, :show, :projects_list] if APP_CONFIG['anonymous_access'] - before_action :set_members, only: [:edit, :update] - before_action :load_repository + before_action :load_repository, except: [:index, :create, :new] + before_action :set_members, only: [:edit, :update] before_action -> { @repository = @platform.repositories.find(params[:id]) if params[:id] } def index @@ -21,11 +21,10 @@ class Platforms::RepositoriesController < Platforms::BaseController end def edit - authorize @repository end def update - authorize @repository + authorize @repository = @platform.repositories.build(params[:repository]) if @repository.update_attributes params[:repository].slice(:description, :synchronizing_publications, :publish_builds_only_from_branch).merge(publish_without_qa: (params[:repository][:publish_without_qa] || @repository.publish_without_qa)) flash[:notice] = I18n.t("flash.repository.updated") redirect_to platform_repository_path(@platform, @repository) @@ -37,7 +36,6 @@ class Platforms::RepositoriesController < Platforms::BaseController end def remove_members - authorize @repository User.where(id: params[:members]).find_each do |user| @repository.remove_member(user) end @@ -45,7 +43,6 @@ class Platforms::RepositoriesController < Platforms::BaseController end def add_member - authorize @repository if member = User.find_by(id: params[:member_id]) if @repository.add_member(member) flash[:notice] = t('flash.repository.members.successfully_added', name: member.uname) @@ -106,7 +103,6 @@ class Platforms::RepositoriesController < Platforms::BaseController end def projects_list - authorize @repository render(text: @repository.projects.map(&:name).join("\n")) && return if params[:text] == 'true' owner_subquery = " @@ -142,7 +138,6 @@ class Platforms::RepositoriesController < Platforms::BaseController end def remove_project - authorize @repository if projects_list = params.try(:[], :repository).try(:[], :projects_list) @repository.remove_projects projects_list redirect_to platform_repository_path(@platform, @repository), notice: t('flash.repository.projects_will_be_removed') @@ -168,7 +163,6 @@ class Platforms::RepositoriesController < Platforms::BaseController end def sync_lock_file - authorize @repository if params[:remove] @repository.remove_sync_lock_file flash[:notice] = t('flash.repository.sync_lock_file_removed') @@ -183,7 +177,7 @@ class Platforms::RepositoriesController < Platforms::BaseController # Private: before_action hook which loads Repository. def load_repository - authorize @repository = @platform.repositories.find(params[:id]), :show? if params[:id] + authorize @repository = @platform.repositories.find(params[:id]) end def set_members diff --git a/spec/controllers/platforms/repositories_controller_spec.rb b/spec/controllers/platforms/repositories_controller_spec.rb index e56a9dcaf..20e0752e5 100644 --- a/spec/controllers/platforms/repositories_controller_spec.rb +++ b/spec/controllers/platforms/repositories_controller_spec.rb @@ -4,19 +4,19 @@ shared_examples_for 'user with change projects in repository rights' do it 'should be able to see add_project page' do get :add_project, id: @repository, platform_id: @platform - response.should render_template(:projects_list) + expect(response).to render_template(:projects_list) end it 'should be able to add project to repository' do get :add_project, id: @repository, platform_id: @platform, project_id: @project.id - response.should redirect_to(platform_repository_path(@repository.platform, @repository)) - @repository.projects.should include(@project) + expect(response).to redirect_to(platform_repository_path(@repository.platform, @repository)) + expect(@repository.projects).to include(@project) end it 'should be able to remove project from repository' do get :remove_project, id: @repository, platform_id: @platform, project_id: @project.id - response.should redirect_to(platform_repository_path(@repository.platform, @repository)) - @repository.projects.should_not include(@project) + expect(response).to redirect_to(platform_repository_path(@repository.platform, @repository)) + expect(@repository.projects).to_not include(@project) end end @@ -24,75 +24,77 @@ end shared_examples_for 'user with rights of add/remove sync_lock_file to repository' do it 'should be able to perform sync_lock_file action' do put :sync_lock_file, id: @repository, platform_id: @platform - response.should redirect_to(edit_platform_repository_path(@platform, @repository)) + expect(response).to redirect_to(edit_platform_repository_path(@platform, @repository)) end end shared_examples_for 'user without rights of add/remove sync_lock_file to repository' do it 'should not be able to perform sync_lock_file action' do put :sync_lock_file, id: @repository, platform_id: @platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) end end shared_examples_for 'user without change projects in repository rights' do it 'should not be able to add project to repository' do get :add_project, id: @repository, platform_id: @platform, project_id: @project.id - response.should redirect_to(redirect_path) - @repository.projects.should_not include(@project) + expect(response).to redirect_to(redirect_path) + expect(@repository.projects).to_not include(@project) end it 'should not be able to perform regenerate_metadata action' do put :regenerate_metadata, id: @repository, platform_id: @platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) expect(@repository.repository_statuses.count).to eq 0 end it 'should not be able to remove project from repository' do delete :remove_project, id: @repository, platform_id: @platform, project_id: @project.id - response.should redirect_to(redirect_path) - @repository.projects.should_not include(@project) + expect(response).to redirect_to(redirect_path) + expect(@repository.projects).to_not include(@project) end end shared_examples_for 'registered user or guest' do it 'should not be able to perform new action' do get :new, platform_id: @platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) end it 'should not be able to perform regenerate_metadata action' do put :regenerate_metadata, id: @repository, platform_id: @platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) expect(@repository.repository_statuses.count).to eq 0 end it 'should not be able to perform regenerate_metadata action of personal repository' do put :regenerate_metadata, id: @personal_repository, platform_id: @personal_repository.platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) expect(@personal_repository.repository_statuses.count).to eq 0 end it 'should not be able to perform create action' do post :create, @create_params - lambda { post :create, @create_params }.should change{ Repository.count }.by(0) - response.should redirect_to(redirect_path) + expect do + post :create, @create_params + end.to_not change(Repository, :count) + expect(response).to redirect_to(redirect_path) end it 'should not be able to perform edit action' do get :edit, id: @repository, platform_id: @platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) end it 'should not be able to perform update action' do put :update, id: @repository, platform_id: @platform - response.should redirect_to(redirect_path) + expect(response).to redirect_to(redirect_path) end it 'should not be able to add new member to repository' do post :add_member, id: @repository, platform_id: @platform, member_id: @another_user.id - response.should redirect_to(redirect_path) - @repository.members.should_not include(@another_user) + expect(response).to redirect_to(redirect_path) + expect(@repository.members).to_not include(@another_user) end it 'should not be able to remove members from repository' do @@ -101,37 +103,40 @@ shared_examples_for 'registered user or guest' do create_relation(@repository, another_user2, 'admin') post :remove_members, id: @repository, platform_id: @platform, members: [@another_user.id, another_user2.id] - response.should redirect_to(redirect_path) - @repository.members.should include(@another_user, another_user2) + expect(response).to redirect_to(redirect_path) + expect(@repository.members).to include(@another_user, another_user2) end it 'should not be able to destroy repository in main platform' do delete :destroy, id: @repository, platform_id: @platform - response.should redirect_to(redirect_path) - lambda { delete :destroy, id: @repository, platform_id: @platform }.should change{ Repository.count }.by(0) + expect(response).to redirect_to(redirect_path) + expect do + delete :destroy, id: @repository, platform_id: @platform + end.to_not change(Repository, :count) end it 'should not be able to destroy personal repository' do - lambda { delete :destroy, id: @personal_repository, platform_id: @personal_repository.platform} - .should change{ Repository.count }.by(0) - response.should redirect_to(redirect_path) + expect do + delete :destroy, id: @personal_repository, platform_id: @personal_repository.platform + end.to_not change(Repository, :count) + expect(response).to redirect_to(redirect_path) end end shared_examples_for 'registered user' do it 'should be able to perform index action' do get :index, platform_id: @platform - response.should render_template(:index) + expect(response).to render_template(:index) end it 'should be able to perform show action' do get :show, id: @repository, platform_id: @platform - response.should render_template(:show) + expect(response).to render_template(:show) end it 'should be able to perform projects_list action' do get :projects_list, id: @repository, platform_id: @platform, format: :json - response.should be_success + expect(response).to be_success end end @@ -143,49 +148,53 @@ shared_examples_for 'platform admin user' do it 'should be able to perform new action' do get :new, platform_id: @platform - response.should render_template(:new) + expect(response).to render_template(:new) end it 'should be able to perform regenerate_metadata action' do put :regenerate_metadata, id: @repository, platform_id: @platform - response.should redirect_to(platform_repository_path(@platform, @repository)) - @repository.repository_statuses.find_by(platform_id: @platform). - waiting_for_regeneration?.should be_truthy + expect(response).to redirect_to(platform_repository_path(@platform, @repository)) + expect(@repository.repository_statuses.find_by(platform_id: @platform). + waiting_for_regeneration?).to be_truthy end it 'should be able to perform regenerate_metadata action of personal repository' do put :regenerate_metadata, id: @personal_repository, platform_id: @personal_repository.platform, repository: { build_for_platform_id: @platform.id } - response.should redirect_to(platform_repository_path(@personal_repository.platform, @personal_repository)) - @personal_repository.repository_statuses.find_by(platform_id: @platform). - waiting_for_regeneration?.should be_truthy + expect(response).to redirect_to(platform_repository_path(@personal_repository.platform, @personal_repository)) + expect(@personal_repository.repository_statuses.find_by(platform_id: @platform). + waiting_for_regeneration?).to be_truthy end it 'should not be able to perform regenerate_metadata action of personal repository when build_for_platform does not exist' do put :regenerate_metadata, id: @personal_repository, platform_id: @personal_repository.platform - response.should render_template(file: "#{Rails.root}/public/404.html") + expect(response).to render_template(file: "#{Rails.root}/public/404.html") expect(@personal_repository.repository_statuses.count).to eq 0 end it 'should be able to create repository' do - lambda { post :create, @create_params }.should change{ Repository.count }.by(1) - response.should redirect_to(platform_repository_path(@platform, Repository.last)) + expect do + post :create, @create_params + end.to change(Repository, :count).by(1) + expect(response).to redirect_to(platform_repository_path(@platform, Repository.last)) end it 'should be able to destroy repository in main platform' do - lambda { delete :destroy, id: @repository, platform_id: @platform }.should change{ Repository.count }.by(-1) - response.should redirect_to(platform_repositories_path(@repository.platform)) + expect do + delete :destroy, id: @repository, platform_id: @platform + end.to change(Repository, :count).by(-1) + expect(response).to redirect_to(platform_repositories_path(@repository.platform)) end it 'should be able to perform edit action' do get :edit, id: @repository, platform_id: @platform - response.should render_template(:edit) + expect(response).to render_template(:edit) end it 'should be able to add new member to repository' do post :add_member, id: @repository, platform_id: @platform, member_id: @another_user.id - response.should redirect_to(edit_platform_repository_path(@repository.platform, @repository)) - @repository.members.should include(@another_user) + expect(response).to redirect_to(edit_platform_repository_path(@repository.platform, @repository)) + expect(@repository.members).to include(@another_user) end it 'should be able to remove members from repository' do @@ -194,23 +203,25 @@ shared_examples_for 'platform admin user' do create_relation(@repository, another_user2, 'admin') post :remove_members, id: @repository, platform_id: @platform, members: [@another_user.id, another_user2.id] - response.should redirect_to(edit_platform_repository_path(@repository.platform, @repository)) - @repository.members.should_not include(@another_user, another_user2) + expect(response).to redirect_to(edit_platform_repository_path(@repository.platform, @repository)) + expect(@repository.members).to_not include(@another_user, another_user2) end it 'should not be able to destroy personal repository with name "main"' do # hook for "ActiveRecord::ActiveRecordError: name is marked as readonly" Repository.where(id: @personal_repository).update_all("name = 'main'") - lambda { delete :destroy, id: @personal_repository, platform_id: @personal_repository.platform} - .should change{ Repository.count }.by(0) - # response.should redirect_to(forbidden_path) - response.should render_template(file: "#{Rails.root}/public/404.html") + expect do + delete :destroy, id: @personal_repository, platform_id: @personal_repository.platform + end.to_not change(Repository, :count) + # expect(response).to redirect_to(forbidden_path) + expect(response).to render_template(file: "#{Rails.root}/public/404.html") end it 'should be able to destroy personal repository with name not "main"' do - lambda { delete :destroy, id: @personal_repository, platform_id: @personal_repository.platform} - .should change{ Repository.count }.by(-1) - response.should redirect_to(platform_repositories_path(@personal_repository.platform)) + expect do + delete :destroy, id: @personal_repository, platform_id: @personal_repository.platform + end.to change(Repository, :count).by(-1) + expect(response).to redirect_to(platform_repositories_path(@personal_repository.platform)) end it_should_behave_like 'user with change projects in repository rights' @@ -246,12 +257,12 @@ describe Platforms::RepositoriesController, type: :controller do it "should not be able to perform show action", anonymous_access: false do get :show, id: @repository - response.should redirect_to(new_user_session_path) + expect(response).to redirect_to(new_user_session_path) end it "should not be able to perform index action", anonymous_access: false do get :index, platform_id: @platform - response.should redirect_to(new_user_session_path) + expect(response).to redirect_to(new_user_session_path) end it 'should not be able to perform projects_list action', anonymous_access: false do